<?php
session_start();
include_once('db.php');
include_once('mail.php');
include_once('constants.php');

if(!empty($_SESSION['freecap_word_hash']) && !empty($_POST['word']))
{
  $username = $_POST['regusername'];
  $secpassword = $_POST['regsecpassword'];
  $name = $_POST['name'];
  $email = $_POST['email'];
  $public = $_POST['public'] ? 1 : 0;
  $terms = $_POST['terms'] ? true : false;
  $country = $_POST['country'];
  // all freeCap words are lowercase.
	// font #4 looks uppercase, but trust me, it's not...
	if($_SESSION['hash_func'](strtolower($_POST['word']))==$_SESSION['freecap_word_hash'])
	{
		// reset freeCap session vars
		// cannot stress enough how important it is to do this
		// defeats re-use of known image with spoofed session id
		$_SESSION['freecap_attempts'] = 0;
		$_SESSION['freecap_word_hash'] = false;

		// now process form
        
    $error = false;
    $errordesc = "";
    // check data
    if ( empty($username) || strlen($username) < 6 )
    {
      $error = true;
      $errordesc = " Sorry, your username must be between 6 and 30 characters long.";
    }
    if ( empty($secpassword) || strlen($secpassword) < 6)
    {
      $error = true;
      $errordesc = " Sorry, your password must be between 6 and 30 characters long.";
    }
    if ( empty($email) || strlen($email) < 4)
    {
      $error = true;
      $errordesc = "Invalid email.";
    }
    if ( empty($terms) || !terms)
    {
      $error = true;
      $errordesc = "You must agree with the terms of user.";
    }
    
    if ( !$error)
    {
      $conn = &ADONewConnection($dbType);
      $conn->PConnect($dbServer, $dbUser, $dbPassword, $dbName);
      //$conn->debug = true;  
      // check if login is not taken
      $query = "select login, email from user where lower(login)=".$conn->qstr(strtolower($username))." or lower(email)=".$conn->qstr(strtolower($email));
      $rs = &$conn->Execute($query);    
      if ( $rs->EOF)
      {
        // insert new user
        $tid = rand(1000000,9999999);
        $query = "insert into user (login, password, name, email, trackid, state, privileges, publicpos, lastPosition, id_country) VALUES(".$conn->qstr($username).", ".$conn->qstr($secpassword).",".$conn->qstr($name).",".$conn->qstr($email).",".$tid.",0,1,$public,0, ".$conn->qstr($country).")";  
        $conn->Execute($query);
      
        mailRegisterConfirm($username, $name, $email, $tid);
        
        //$done = true;
        header("Location: activate.php?actemail=$email");
        exit;
        
      }
      else
      {
        $error = true;       
        if ( strtolower($rs->fields["0"]) == strtolower($username))
        {          
          $errordesc = "Login taken. Please try another.";
        }
        if ( strtolower($rs->fields["1"]) == strtolower($email))
        {          
          $errordesc .= "<br>Email taken. Please try another.";
        }
      }
    }
		 
		//$word_ok = "yes";
	} else {
		$error = true;
        $errordesc = "Word verification failed.";
	}
} else {
	$error = false;
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml">
  <head>
    <meta http-equiv="content-type" content="text/html; charset=utf-8"/>
    <title><?php echo $product_name;?></title>
    <link rel="stylesheet" href="css/main.css" type="text/css">
    
    <script type="text/javascript" src="scripts/md5.js"></script>
  
    <script type="text/javascript">
      //<![CDATA[
      function registerSubmit() {
        var userName = document.forms["regform"].regusername.value;
        if (userName == '') {
          var error = document.getElementById("error");
          error.innerHTML = "Please enter your username.";	                 
          document.forms["regform"].regusername.focus();
          return false;
        }
        
        if (userName.length < 6) {
          var error = document.getElementById("error");
          error.innerHTML = " Sorry, your username must be between 6 and 30 characters long.";                   
          document.forms["regform"].regusername.focus();
          return false;
        }
        var pass = document.forms["regform"].regpassword.value;
        if (pass == '') {
          var error = document.getElementById("error");
          error.innerHTML = "Please enter your password.<br/><br/>";       	                  
          document.forms["regform"].regpassword.focus();
          return false;
        }
        if (pass.length < 6) {
          var error = document.getElementById("error");
          error.innerHTML = " Sorry, your password must be between 6 and 30 characters long.";                  
          document.forms["regform"].regpassword.focus();
          return false;
        }
        if (pass != document.forms["regform"].regrepassword.value) {
          var error = document.getElementById("error");
          error.innerHTML = "Passwords don't match. Please try again.";          
          document.forms["regform"].regpassword.value = '';
          document.forms["regform"].regrepassword.value = '';
          document.forms["regform"].regpassword.focus();
          return false;
        }
        if (document.forms["regform"].email.value == '') {
          var error = document.getElementById("error");
          error.innerHTML = "Please enter your email address.";	                  
          document.forms["regform"].email.focus();
          return false;
        }
        if (document.forms["regform"].name.value == '') {
          var error = document.getElementById("error");
          error.innerHTML = "Please enter your name.";        	                  
          document.forms["regform"].name.focus();
          return false;
        }
        if (document.forms["regform"].reemail.value != document.forms["regform"].email.value) {
          var error = document.getElementById("error");
          error.innerHTML = "Please confirm your email.";          
          document.forms["regform"].reemail.focus();
          return false;
        }
        if (document.forms["regform"].word.value == '') {
          var error = document.getElementById("error");
          error.innerHTML = "Please enter your confirmation key.";        
          document.forms["regform"].word.focus();
          return false;
        }
        if (!document.forms["regform"].terms.checked) {
          var error = document.getElementById("error");
          error.innerHTML = "You must agree with the terms of use.";                    
          return false;
        }

        document.forms["regform"].regsecpassword.value = md5(document.forms["regform"].regpassword.value);
        document.forms["regform"].regpassword.value = '';
        document.forms["regform"].regrepassword.value = '';
        document.forms["regform"].reemail.value = '';
        return true;
      }

      function new_freecap() {
        if (document.getElementById) {
          thesrc = document.getElementById("freecap").src;
          thesrc = thesrc.substring(0,thesrc.lastIndexOf(".")+4);
          // add ?(random) to prevent browser/isp caching
          document.getElementById("freecap").src = thesrc+"?"+Math.round(Math.random()*100000);
        } else {
          alert("Sorry, cannot autoreload word image\nSubmit the form and a new word will be loaded");
        }
      }

      //]]>
    </script>

    
  </head>
  <body>    
    <div id="main">
    <?php 
      include ("header.php");      
    ?>   
    
    <div id="content">               
      <h1>Step 1. Sign up for an account, it's free!</h1>
      <br/>
      <p class="error" id="error">
        <?php                     
            if ($error) {
              echo $errordesc."<br/>";
            } else {
              echo "<br/>";
            }
        ?>        
      </p><br/>
      <div id="mainform">      
        <form id="regform" class="mform" action="register.php" onsubmit="return registerSubmit();" method="post" enctype="multipart/form-data">
        <table>
          <tr>
            <td><label for="username" accesskey="u">Username:</label></td>
            <td class="btext"><input type="text" name="regusername" id="regusername" size="30" value="<?php echo $username; ?>"/></td>
            <td id="errorName"></td>
          </tr>
          <tr>
            <td><label for="password" accesskey="p">Choose a password:</label></td>
            <td class="btext"><input type="password" name="regpassword" id="regpassword" size="30"/><input type="hidden" name="regsecpassword" id="regsecpassword" value=""/></td>
          </tr>
          <tr>
            <td><label for="regrepassword" accesskey="r">Re-enter password:</label></td>
            <td class="btext"><input type="password" name="regrepassword" id="regrepassword" size="30"/></td>
          </tr>
          <tr><td colspan="2"><hr/></td></tr>
          <tr>
            <td><label for="name" accesskey="n">Your name:</label></td>
            <td class="text"><input type="text" name="name" id="name" size="30"value="<?php echo $name; ?>"/></td>
          </tr>
          <tr>
            <td><label for="email" accesskey="e">Email address:</label></td>
            <td class="text"><input type="text" name="email" id="email" size="30" value="<?php echo $email; ?>"/></td>
          </tr>
          <tr>
            <td><label for="reemail" accesskey="a">Re-type email address:</label></td>
            <td class="text"><input type="text" name="reemail" id="reemail" size="30" value="<?php echo $email; ?>"/></td>
          </tr>
          <tr>
            <td><label for="country" accesskey="a">Country:</label></td>
            <td class="text">
              <?php include('country.php'); ?>              
            </td>
          </tr>          
          <tr>
            <td>Make my location public:</td>
            <td><input type="checkbox" name="public" id="public" <?php if ($public ==1) echo 'checked'; ?> /></td>
          </tr>
          <tr>
            <td>Type the word bellow:</>
            <td><label for="word" accesskey="w"></label><input type="text" name="word" id="word" size="30"/></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td><img src="./lib/freecap/freecap.php" id="freecap" alt="Are you a bot?"/></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td class="text"><sub>If you can't read the word, <a href="#" onclick="this.blur();new_freecap();return false;">click here</a></sub></td>
          </tr>
          <tr>
            <td>
             You read and agree with<br/> the <a onclick="window.open('terms.php','terms')" href="#">terms of use.</a>
            </td>
            <td>
             <input type="checkbox" name="terms" id="terms" />
            </td>
          </tr>
          <tr><td colspan="2"><hr/></td></tr>
          <tr><td></td><td class="btn" colspan="2"><input type="submit" id="signup" name="signup" value="Sign Up"/></td></tr>
        </table>
        </form>
      </div>
    </div> <!-- content -->
    
    <?php 
        include ("footer.php");      
      ?>
    </div><!-- main -->
    <?php         
        include ("ga.php");
    ?>
  </body>
</html>
